nginx-rp: Update headers

This commit is contained in:
Viyurz 2023-11-23 07:58:51 +00:00
parent 8b7e1fa475
commit efc9f117f9
No known key found for this signature in database

View file

@ -23,7 +23,7 @@ http {
default_type application/octet-stream;
# Logging
log_not_found on;
# log_not_found on;
# access_log /var/log/nginx/access.log;
# error_log /var/log/nginx/error.log warn;
@ -68,10 +68,6 @@ http {
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header Accept-Encoding "";
# Websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# The `upstream` directives ensure that you have a http/1.1 connection
# This enables the keepalive option and better performance
@ -135,6 +131,11 @@ http {
add_header Set-Cookie "Path=/; HttpOnly; Secure";
# Websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
client_body_buffer_size 512k;
proxy_read_timeout 86400s;
client_max_body_size 0;
@ -152,6 +153,11 @@ http {
location / {
proxy_pass http://vaultwarden-default;
# Websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
client_max_body_size 525M;
}
}
@ -166,6 +172,11 @@ http {
location / {
proxy_pass http://127.0.0.1:8083;
add_header Strict-Transport-Security "max-age=31536000" always;
add_header Set-Cookie "Path=/; HttpOnly; Secure";
# Disable some features
add_header Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()";
}
}